Supply chain risk is rising but senior executives don’t know how to manage it, despite being well aware of it. Recent research by Möbius Consulting has produced a robust method to assess supply chain risk and demonstrate the effect of different risk scenarios on company earnings. Will Stirling reports.
The recession has put more companies at risk of insolvency, with knock-on effects in the supply chain that the boom economic cycle was unaccustomed to. In February, BMW had to rescue its main supplier of sun roofs, Edscha, when the German company filed for bankruptcy. BMW had no Plan B – it would have taken six months to secure another supplier.
Several big manufacturers have been precariously close to delivery failures due to their key suppliers nearly going out of business. And there are many cases of expensive product recalls that will have disrupted business operations. Coca-Cola lost $60m in sales when forced to recall 15 million cans and bottles of its product in European markets after several consumers became ill, according to the consultancy Aberdeen Group.
Supply chain risk has always been there but it takes a global recession to bring it up the agenda. Consultants Aberdeen, Accenture, McKinsey, and insurance company Marsh have all identified supply chain risk (SCR) as a top five factor in business planning for multinational companies. “Most companies lack a strategic approach to supply chain risk management, at a time when supply chain risks are increasing,” Aberdeen Group’s supply chain risk management (SCRM) benchmark report says.
And no less authority than the World Economic Forum 2009 named SCR as one of four key emerging risks that will shape the global risk landscape, including also financial risk, food security and the role of energy.
Möbius Consulting, with its academic partners at Vlerick Leuven Ghent Management School, spotted this trend. But it was only when they read the literature and surveys, which showed the prevalence of supply chain risk today, and saw that companies recognised SCR but were impotent to resolve it, that they decided to conduct a research project on how SCR can affect business management. Their research, co-authored by Ann Vereecke, dean of operations and supply chain group at the Vlerick Leuven Ghent Management School and Prof. Hendrik Vanmaele, managing director at Möbius, produced a thorough, effective model for analyzing SCR and its effects on earnings.
Best practice increases risk
Möbius began by participating in certain confidence research groups. The initial aim was to modify the risk management part of companies’ enterprise resource management (ERM). From here the evidence that force majeure events (events beyond their control) were affecting companies far more often than was expected. Preliminary research revealed two stark facts to vindicate their efforts:
1 The typical company reports an average 12.9 supply chain disruptions or outages in the past year. “More than once a month – that’s not small, because we do not consider operational risk in the main equation, we only consider the bigger external and internal risks,” says Danny Boeykens, a supply chain partner at Möbius in Sint- Martens-Latem, Belgium.
2 73% of global industries experienced a major supply chain disruption in the last five years. Source: Accenture and Oracle.
“Why are we doing on one hand supply chain best practice consultancy, global sourcing, lean etc while by doing these things, ironically, we’re introducing more risk into the supply chain?” says Boeykens.
Companies have a trade-off with supply chain risk.
Does it want efficiency in the short term, where it assumes normal business practices and conditions, and therefore apply standard supply chain models and ignore SCR; or does it see the bigger picture, and consider that once every five years it will have a major disruption? The second scenario requires techniques that mitigate risk. Where do you apply them and how much will they cost? These questions helped shape Möbius’s SCRM methodology.
The research found that board members are aware of the gravity of SCRM, but are powerless to deal with it appropriately. The literature supported this (see fig 1). Most of the ‘C-level’ –boardroom level executives – surveyed between 2006 and 2008 consider supply chain risk to have increased significantly or slightly.
They admitted knowing SCR was a serious risk but they didn’t know how to tackle it. “Based on this there was something we needed to address,” says Boeykens.
Hard times drives SCRM
There is a strong correlation between the world economy and SCRM. “With globalisation since the mid-1990s there’s been a major wave to increase your supply chain risk, in the pursuit of lower costs,” says Boeykens. He says it’s typical for a company that deals in China to have lead times of four weeks. “But companies are not sufficiently taking into account that it’s 3-4 weeks plus three more weeks if the container doesn’t get on the ship. Yes, this has been a risk for the last 30 plus years of Chinese imports, but not at this volume and not with as many companies involved – the risk of delayed supply is growing.” Companies using a Western European supplier that switch to an emerging country source are accustomed to the reliability of the first supplier and adjust their expectations for longer lead times. “But what they don’t take into account is the variance of the lead time allowing for plus two weeks,” Boeykens says. “We say forget that it can be plus four weeks, the SC effects are much bigger. Knowing this they might have chosen differently, e.g. a second European source.”
The need for cash
The economic crisis is also a big factor driving. “People are trying to get less working capital – everyone is in search of cash. If retailers or suppliers feel their supplies are at risk, they want firm orders and cash, if its not in stock they say we’ll produce/order it when you place your order.” Small companies and bigger companies are the same, they’re more willing to jeopardize a supplier relationship to secure cash orders. “We know of a big steel company that is willing to change their major production process with a lot of set-up time if their next production will provide cash within a month,” says Boeykens. The search for more cash will further erode the buffers to risk that are already limited, says Möbius’s research. By decreasing risk buffers, the C-level senior management tends to be very glad because now they see more short terms cash sales.
But risks increase, and gross sales with traditional suppliers will likely fall.
1 The risk list and classification Möbius and the Vlerick* Management Institute devised a supply chain risk list and classification from the available literature, the pre-research SC Risk survey, interviews with several companies and input from the study’s Advisory Board. This produced 60 of the biggest supply chain risks that companies will face (see fig 2). This list can be customised to a company, and added to with SCRs that are particular to that company.
Risks were then classified as:
• External risks – inc Demand, Supply (e.g a major supplier fails), and Environmental risks (such as recession, political risk) and
• Internal risks – inc Process risk on your own operation (your production line goes down), Control risks, i.e. those related to the system that control your operations, e.g ERP system failure.
• Specific SC risks to that company – such as contamination in food manufacture. Risks are very subjective. “A potential customer in retail management said control risk was his major risk – if his computer system goes down he couldn’t tell what to supply to his local stores,” says Boeykens.
2 Four steps to analysis (See fig 3.)
1 Map the SC that is being modeled. This identifies all the stages that risks might affect
2 Introduce risk. This has been defined for that company by the List & Classification process
3 Mitigation strategies. Identify the most appropriate strategies and map them on the SC risks
4 1, 2 and 3 feed into the SC Simulator Engine, the computer programme. The analysis summary is used to conclude the results and implement the best SCRM strategy.
Quantifying the effect in C-level language: EBITDA
Crucially, the method isolates each risk and calculates what contributions they would make to Ebitda earnings on a fiscal year basis. The Ebitda style KPI is essential, as it best reflects the terminology used by the board members.
The method focuses on strategic and tactical risks.
Operational risks, this is: those with an occurrence frequency of less than 3 months (the average master planning cycle) are principally not considered: they belong to the company’s operations management and should be treated accordingly.
An essential step is to determine the frequency of occurrence of certain risks, i.e. the probability of risks affecting the company at different intervals. This is guess work for most people, so typically the model would ask more than one person. ”Typically in our tool, if someone says ‘I think it’s every two years’, then we would at least simulate the same risk for an alternative frequency of once every year and another one for once every five years to see the sensitivity for each period. So if one assessment is wrong, we have an idea of the sensitivity of the assessment to the overall risk.
Evaluating risk in cash terms
Other supply chain risk management models exist. Möbius claims this is different in its use of simulation technology.
“Instead of using a static calculation in a spreadsheet, we actually model your supply chain and play it like it would actually happen. It’s software that allows you to map your project – here SCR – with building blocks.” To validate the model of the supply chain matrix they feed it with last year’s actuals – the company’s accounts. “The Ebitda in the model should typically be equivalent to the Ebitda
that the company realized last year. This validates the model.” Three Ebitda figures are calculated to show and compare the affect of SCR on earnings.
1 Normal operation – Ebitda without SC risk added. No risks were fed in, Ebitda should match actuals from last year.
2 Introduce a number of risks – shows impact of risk on Ebitda. It will impact it along the supply chain. Called a Delta Ebitda. That price difference in Delta is the cost of SCR.
3 Introduce measures that decrease the risk = Mitigation.
Compare this with the investment made on that mitigation strategy.
• Repeat for a number of risk combinations and mitigation strategies
The process is thorough – how many simulations does it involve? First it identifies a top list of relevant major risks to a company. “If there were 20 major risks, we’d typically do 20 sets of 50 simulation runs. Each one could take three minutes or more.”
The research project is currently being finished and is being subsided by the Flemish government. Two of the corporate advisory board members, Barco, a Belgian electronics company and Saflex, have been the guinea pigs. They each invested 2-3 months of their own time. In return they receive an analysis of their SC risks for free.